<?php  
defined('IN_SITE') or exit('Access Denied');

switch($action)
{
	// aming
	// 需要计算下载次数的解决方案,方法
	// $downurl = urlencode(site_auth("c=$r[contentid]&f=$r[downurl]", 'ENCODE', AUTH_KEY));
	// <a href="download.php?url=$downurl">
	case 'download':
		$url = site_auth($url, 'DECODE', AUTH_KEY);
		
		// parse_str用来解析（分离）URL中的查询字符串（Query String），所谓查询字符串是指一个URL中?后面的部分，如http://localhost/test/result.php?name=anve&age=21，则查询字符串就是"name=anve&age=21" 当然在PHP里，你可以用$_GET数组来取得查询字符串的值，但有时候parse_str会方便些，特别是当查询字符串中的变量名（对应于上面例子中的name和age）不知道的时候。
		parse_str($url);
		
		$contentid = intval($c);
		$fileurl = trim($f);
		
		include MOD_ROOT.'content/content.class.php';
		$content = new content;
		$data = $content->get($c);
		$content->hits($c);
		
		//远程文件
		if(strpos($fileurl, ':/'))
		{
			header("Location: $fileurl");
		}
		//本地文件
		else
		{
			header("Location: ".SITE_URL.$fileurl);
			
		}
	break;
	
	// 目前发现好像只有fck使用到这个模块，除此之外暂无其他用途 aming
	case 'upload':
		require_once MOD_ROOT.'attachment/attachment.class.php';
		require_once 'image.class.php';
		if(!$_userid)
		{
			if($from == 'fckeditor')
			{
				$message = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8".CHARSET."\"><script language='javascript'>";
				$message .= "window.parent.show_ok('1-".$id."','没有上传权限！');";
				$message .= "</script>";
				exit($message);
			}
			else
			{
				showmessage('不允许游客上传！');
			}
		}
		session_start();
		if($dosubmit=1)
		{
			// 这里是mod，不是module
			$attachment = new attachment($mod);
			$aids = $attachment->upload('uploadfile', UPLOAD_ALLOWEXT, UPLOAD_MAXSIZE, 1);
			$filename = $attachment->uploadedfiles[0]['filename'];
			$filepath = $attachment->uploadedfiles[0]['filepath'];
			$fileurl = UPLOAD_URL.$filepath;
			$extension = fileext($filename);
			
			// FCK编辑器里面上传
			if($from == 'fckeditor')
			{
				//$fileurl = url($fileurl);
				$fileurl = SITE_URL.$fileurl;
				if(empty($filepath))
				{
					$message = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8".CHARSET."\"><script language='javascript'>";
					$message .= "window.parent.show_ok('1-".$id."','".$attachment->error()."');";
					$message .= "</script>";
					echo $message;exit;
				}
				if($SETTING['watermark_enable'])
				{
					$imagefile = UPLOAD_ROOT.$filepath;
					$image = new image();
					$image->watermark($imagefile, $imagefile, $SETTING['watermark_pos'], $SETTING['watermark_img']);
				}
				if($SETTING['thumb_enable']  && in_array($extension,array('jpg','jpeg','gif','png','bmp')))
				{			
					$imagefile = UPLOAD_ROOT.$filepath;
					$image = new image();
					$filename = $image->thumb($imagefile, $imagefile, $SETTING['thumb_width'], $SETTING['thumb_height']);			
				}
				$filename = basename($filepath);
				
				// 插入成功返回
				if(isset($id)) 
				{
					$message = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8".CHARSET."\"><script language='javascript'>";
					$message .= "window.parent.show_ok('0-".$id."','".md5($fileurl.AUTH_KEY)." $MM_objid $fileurl');";
					$message .= "</script>";
				}
				else
				{
					$message = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8".CHARSET."\"><script language='javascript'>";
					$message .= "window.parent.SetUrl('$fileurl', '', '', '$filename');";
					$message .= "</script>";
				}
			}
			exit($message);
		}
		else
		{
			include template('attachment_upload.html');
		}
	break;

	case 'del_file':
		if(md5($filepath.AUTH_KEY)==$verfiy) 
		{
			if(preg_match("%".UPLOAD_URL."%i",$filepath)) 
			{
				// 这里是mod，不是module
				$attachment = new attachment($mod);
				$filepath = str_replace('/'.UPLOAD_URL,'',$filepath);
				if($attachment->delete("filepath = '$filepath'"))
				{
					echo('ok');
				}
			}
		}
	break;
	
}
	
?>